Developing and expanding robust referral networks is a crucial component of achieving true whole-person care, and central to Connecting for Better Health’s mission. At Connecting for Better Health’s February 27 coalition meeting, we welcomed Chris Ticknor, Chief Transformation Officer at Orange County United Way (OCUW), to give an overview of the organization’s referral network. In addition, we hosted a guided discussion about the HIPAA Proposed Rule and presented SB 660 (Menjivar), a bill sponsored by C4BH in this year’s California legislative cycle.
United Way’s Digital Transformation: Enhancing Social Care Through a Comprehensive Referral Process
OCUW is a non-profit organization that addresses complex issues in education, financial stability, health, and housing. Along with its work leading key initiatives across those priority areas, it runs the local 2-1-1, connecting local Orange County residents with health and human service resources in the community. Recently, OCUW deployed a closed-loop referral system, integrating major case management platforms. By modernizing data architecture, UWOC aims to help community-based organizations (CBOs) and case managers to work within their native systems, improving efficiency and security. To support more robust data exchange between health and social services, UWOC has developed a housing referral model in accordance with the Data Exchange Framework (DxF).
UWOC is engaging with software vendors and case management platforms across 26 counties to streamline housing referrals and aims to connect over 10 million Californians to programs and services. By prioritizing API-based integrations, the OCUW model aims to streamline referrals and enhance service delivery, ensuring communities receive the care they need. In discussion with C4BH participants, Ticknor emphasized the importance of an API gateway launching in May 2025, aiming to facilitate seamless referrals and enhanced data sharing.
HIPAA Cybersecurity Proposed Rule
After Ticknor’s presentation, C4BH led a discussion on the proposed HIPAA cybersecurity rule. The proposal includes: a shift from optional to mandatory compliance with all security rule standards, requiring prescriptive timelines for action, contractual attestations, and increased security measures like annual risk analyses, asset inventories, encryption, and multi-factor authentication.
Attorney Stephen Phillips of Hooper Lundy & Bookman joined to provide a legal perspective, noting that while standardizing requirements is not inherently problematic, business associates may struggle with the attestation mandates. He also highlighted a major industry issue–limitation of liability clauses in contracts, which may shift risk unfairly to covered entities and reduce accountability for business associates in cases of security breaches.
C4BH emphasized the importance of reinforcing data security to maintain trust in health care and advocate for leveraging existing security frameworks and additional funding to help organizations comply with the new mandates. We will continue to monitor updates to this proposed rule. Read our public comment letter here.
California State Legislative Updates
To end the meeting, C4BH announced its sponsorship of SB 660 (Menjivar). The bill would accomplish the following:
- Grant CDII full authority over the DxF;
- Establish the CalHHS Data Exchange Board;
- Clarify required signatory definitions, and expand the list of entities required to sign the DSA;
- Require CDII to convene stakeholders, including consumer advocates and equity experts, to develop recommendations for collecting demographic and health-related social needs data.
C4BH will support SB 660 through letters of support, collecting patient and provider stories to highlight the importance of data sharing, and educating legislative staff and government agencies during our March 19 Day at the Capitol. If you have a story that illustrates the impact of data sharing, please reach out to us at info@connectingforbetterhealth.com for more information.
